FRONTLINE COMMENTARY

OTHER FRONTLINE BLOGS

JAYA PRAKASH's picture
Uber suffers massive databreach in Singapore
Posted on Dec 22, 2017
|  0 comments

It has happened again! On the heels of a massive data breach involving details of Singapore's national servicemen earlier this year, the country has been hit again – this time with ride-hailing company Uber.

It may have been the most dubious of all distinctions to have – Singapore has overtaken the US, Russia and China as the nation launching the most cyberattacks globally.

The Bloomberg news report would surely have made many shake their heads in disbelief. The report quoted Check Point Software Technologies Ltd, an Israeli data company, as saying that Singapore rose to "pole position" after ranking in the top five attacking countries for the previous two weeks.

“It is not particularly unusual for Singapore to be featured among the top attacking countries,” said Eying Wee, Check Point’s Asia-Pacific spokeswoman, before adding that much of the internet traffic flowing through Singapore actually originates in other countries. Technically, that could just mean that most of the attacks originate outside Singapore before they flow through the city-state and hit something or someone outside its borders.

That means a cyber attack recorded as coming from Singapore may have been launched outside the country, explained Wee.

“As a commercial hub with high interconnectivity," highlighted a spokesman for the city-state's Cyber Security Agency, "Singapore is undoubtedly an attractive target for cybercriminals.”

Singapore has never concealed its secret desire to burnish its credentials and become a global technological hub. It recently stepped up efforts aimed at tightening cyber security.

"Singapore has now found itself on someone's list," Singapore's Defence Minister Ng Eng Hen said last summer in a cryptic riposte for the series of cyber attacks the nation had suffered for 2017. “The attacks are orchestrated, the attacks are targeted, they want to steal specific information,” he noted.

But just as startling for Singapore, was a news of the loss of data belonging to 380,000 Uber subscribers. The saving grace, however, was that there was no theft of credit card or bank account details.

Uber quickly mopped up by shutting down further unauthorized access and began strengthening its data security. As authorities began their investigations, the foremost concern was whether Uber had breached the data protection provisions of the nation’s Personal Data Protection Act.

Still, nothing was left to chance. Singapore’s transport regulatory body, the Land Transport Authority, urged Uber to comply with the PDPA regarding the data it collects from its commuters and drivers and held to high standards of public accountability. .

Over in the Philippines, the Philippine National Privacy Commission said that more than 170,000 Filipino drivers and passengers were affected by the data breach. Meanwhile, the number of affected Uber user accounts in the United Kingdom stood at 2.7 million, while Uber Canada said that 815,000 Canadian riders and drivers may have been affected.

The speed at which data is breached with impunity, coupled with the sophistication with which attacks are mounted, tends to make present systems of pre-emption and prevention unmistakably fallible.

Sanjay Aurora, Managing Director (Asia-Pacific) of cyber security firm Darktrace was quoted as telling Singapore’s TODAY paper that cyber protection is “no longer a challenge that can be tackled by humans alone".

Uber chief executive officer Dara Khosrowshahi acknowledged in a blog post on the company’s official website that, in 2016, two hackers broke into a third-party cloud-based system that contained the private information of its customers.

The cyber attack earlier this year on Singapore's military establishment has undoubtedly unnerved the city-state. It has not only tightened its security apparatus and protocols but has asked most civil servants to stop accessing the Internet from their work computers.

The nation’s central bank, the Monetary Authority of Singapore, followed suit by inaugurating an international advisory committee aimed at beefing up safety and resilience of Singapore's financial sector.

– Jaya Prakash is a journalist living in Singpore

Comments